CVE-2025-66309 | grav up to 1.10.x Admin Plugin /admin/pages/[page cross site scripting (GHSA-65mj-f7p4-wggq)

Inserito da Angelo Barbosa | Dic 1, 2025 | CVE

A vulnerability classified as problematic was found in grav up to 1.10.x. This issue affects some unknown processing of the file /admin/pages/[page of the component Admin Plugin. The manipulation results in cross site scripting.

This vulnerability is reported as CVE-2025-66309. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.

CVE-2025-66309 | grav up to 1.10.x Admin Plugin /admin/pages/[page cross site scripting (GHSA-65mj-f7p4-wggq)

Post correlati

CVE-2025-61949 | LogStare Collector Management Page cross site scripting

CVE-2023-52691 | Linux Kernel up to 6.7.1 si_dpm_init double free

CVE-2024-33870 | Ghostscript path traversal

CVE-2024-47850 | CUPS cups-browsed up to 2.4 HTTP POST Request denial of service